Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e2039323332.roa
File: 3138352e3231332e3234392e302f32342d3234203d3e2039323332.roa (raw, json)
Hash identifier: G89TCZp2wvRal+boy+AoEliIkd5asPEmqXLjDSX3AEs=
Subject key identifier: D9:6F:DC:D6:AD:FB:91:AD:DA:FB:B1:EA:4D:E3:21:D1:94:52:74:56
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2B63330B9A9AB48B98359331F574C0FF24E208FB
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e2039323332.roa
Signing time: Fri 10 Jan 2025 14:56:32 +0000
ROA not before: Fri 10 Jan 2025 14:51:32 +0000
ROA not after: Fri 09 Jan 2026 14:56:32 +0000
asID: 9232
IP address blocks: 185.213.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:63:33:0b:9a:9a:b4:8b:98:35:93:31:f5:74:c0:ff:24:e2:08:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 10 14:51:32 2025 GMT
Not After : Jan 9 14:56:32 2026 GMT
Subject: CN=D96FDCD6ADFB91ADDAFBB1EA4DE321D194527456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:68:fb:dd:25:b2:79:4a:2c:39:26:e6:4d:e3:
8c:90:07:16:de:29:51:93:18:2c:a3:64:6e:27:bd:
22:29:20:fa:68:ee:61:64:62:75:e5:21:ef:02:47:
18:6e:74:63:e8:80:50:1c:d9:33:a3:03:0f:90:da:
26:c6:fd:2f:96:f4:04:75:00:38:8a:0c:02:08:41:
85:83:3d:61:be:50:ea:1c:e7:03:ed:d1:3e:61:f0:
a8:78:2b:05:f9:a9:70:a6:59:1c:c8:7c:20:8b:92:
7e:8b:2d:a9:92:fa:09:23:81:78:75:52:eb:42:83:
d0:ae:b4:03:6c:00:b3:37:02:b7:e1:63:56:45:2e:
0c:fa:98:69:bd:a0:63:cf:4f:e8:da:67:5d:93:c3:
62:6d:60:cc:01:f3:ea:c4:df:1d:bc:5b:0c:3f:f4:
e3:f4:b2:b7:c0:f0:4a:74:26:0a:9e:76:99:37:03:
88:69:a9:67:da:22:ef:85:9c:39:aa:d1:34:fb:14:
23:d6:2e:02:d8:a1:53:51:7d:e7:dd:24:cd:ec:e0:
7b:87:48:46:c6:51:ae:7e:03:11:96:6b:b7:c9:40:
c7:d1:e4:b1:e7:78:89:47:80:17:99:46:81:1c:de:
d0:f6:03:a4:26:f3:82:9f:93:2d:95:fe:8f:3a:24:
b3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6F:DC:D6:AD:FB:91:AD:DA:FB:B1:EA:4D:E3:21:D1:94:52:74:56
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e2039323332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d7:7d:cb:38:d7:91:d5:c7:29:8a:dd:06:b3:65:43:89:ad:
10:20:e9:d2:84:11:2d:c5:f2:2b:b4:d0:41:f5:5c:79:4b:62:
24:9d:3f:14:2f:56:a5:c3:c8:96:d6:84:7e:cd:d4:cb:57:be:
f5:a4:a2:88:4e:16:0f:3d:ea:e3:7b:3d:f1:d8:2c:f7:da:2d:
3e:95:73:2b:9d:8b:11:5e:37:54:3d:61:a1:ad:f0:67:29:e5:
af:c4:bb:7a:69:ca:e8:a3:db:2e:75:ea:d5:c5:9b:da:61:c2:
1d:32:48:5e:c6:e2:16:cb:3d:5b:68:d6:95:96:60:1e:6f:4b:
f0:1d:09:4b:ba:05:f3:88:00:17:50:75:2f:46:e2:70:6d:36:
03:28:ff:14:7f:a6:d5:69:7c:f9:02:2e:29:c0:06:87:7e:60:
21:71:a5:84:e5:55:9e:55:f1:c1:c6:72:b4:b7:bd:bb:55:5c:
ae:f0:ca:44:d6:ed:46:25:13:fd:ec:64:d4:42:5b:31:f4:a1:
46:40:11:ca:20:86:73:62:aa:9b:4f:80:85:34:8a:77:44:71:
ea:ce:8b:a3:f8:44:5c:f9:f2:b1:98:5f:a0:7b:b9:08:5e:94:
f0:29:a8:12:f3:43:88:d9:2f:f0:b7:1d:d8:5c:1f:2d:aa:43:
6a:46:84:7a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUK2MzC5qatIuYNZMx9XTA/yTiCPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTAxNDUxMzJaFw0yNjAxMDkxNDU2MzJaMDMxMTAvBgNV
BAMTKEQ5NkZEQ0Q2QURGQjkxQUREQUZCQjFFQTRERTMyMUQxOTQ1Mjc0NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7aPvdJbJ5Siw5JuZN44yQBxbe
KVGTGCyjZG4nvSIpIPpo7mFkYnXlIe8CRxhudGPogFAc2TOjAw+Q2ibG/S+W9AR1
ADiKDAIIQYWDPWG+UOoc5wPt0T5h8Kh4KwX5qXCmWRzIfCCLkn6LLamS+gkjgXh1
UutCg9CutANsALM3ArfhY1ZFLgz6mGm9oGPPT+jaZ12Tw2JtYMwB8+rE3x28Www/
9OP0srfA8Ep0Jgqedpk3A4hpqWfaIu+FnDmq0TT7FCPWLgLYoVNRfefdJM3s4HuH
SEbGUa5+AxGWa7fJQMfR5LHneIlHgBeZRoEc3tD2A6Qm84Kfky2V/o86JLNVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2W/c1q37ka3a+7HqTeMh0ZRSdFYwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzIzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udX5MA0GCSqGSIb3DQEBCwUAA4IBAQB6133LONeR1ccpit0Gs2VDia0QIOnShBEt
xfIrtNBB9Vx5S2IknT8UL1alw8iW1oR+zdTLV771pKKIThYPPerjez3x2Cz32i0+
lXMrnYsRXjdUPWGhrfBnKeWvxLt6acroo9suderVxZvaYcIdMkhexuIWyz1baNaV
lmAeb0vwHQlLugXziAAXUHUvRuJwbTYDKP8Uf6bVaXz5Ai4pwAaHfmAhcaWE5VWe
VfHBxnK0t727VVyu8MpE1u1GJRP97GTUQlsx9KFGQBHKIIZzYqqbT4CFNIp3RHHq
zouj+ERc+fKxmF+ge7kIXpTwKagS80OI2S/wtx3YXB8tqkNqRoR6
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:52:35 2025 by rpki-client